Application Security

Unit 42, a research team of Palo Alto Networks found a new malware family this month and named it Xbash. This new malware combines ransomware, coinming, botnet, and worm features and targets Linux and Windows mainly. Xbash is developed in Python and was then converted into self-contained Linux ELF executables by abusing the legitimate tool […]

Recently Rockwell Automation fixed a critical vulnerability (CVE-2018-14829) found in its RSLinx Classic, a software platform that allows Logix 5000 Programmable Automation Controllers to connect to a wide variety of Rockwell Software applications. A remote attacker could make the device being accessed stop responding and crash by sending a malicious CIP packet to Port 44818. […]

Yesterday, September 19th, Cisco announced an advisory for a critical vulnerability (CVE-2018-0150) that exists with their IOS XE Software. The vulnerability is due to an undocumented user account with privilege level 15 that has a default username and password. An attacker could exploit this vulnerability by using this account to remotely connect to an affected […]

On August 22, 2018, Beijing time, Apache Software Foundation (ASF) released a security bulletin, announcing a remote code execution vulnerability (CVE-2018-11776, CNVD-2018-15894, or CNNVD-201808-740) in Apache Struts 2. This vulnerability exists in either of the following cases: The namespace value is not set for a result defined in underlying XML configurations. Also, upper action configurations […]

Tag: Apache Struts2, CVE-2018-11776, Remote Code Execution, S2-057 Severity：Critical This vulnerability can lead to remote code execution. PoC has been made publicly available and may lead to significant, extensive impact. Description On August 22, Apache disclosed a remote code execution (RCE) vulnerability that has been asigned the CVE number CVE-2018-11776. This vulnerability could be triggered […]

According to a report with NCCIC on August 13, two vulnerabilities were found in WECON LeviStudioU. They are stack-based buffer overflow vulnerability (CVE-2018-10602) and heap-based buffer overflow vulnerability (CVE-2018-10606). NSFOCUS security team and Ghirmay Desta worked with Mat Powell of Trend Micro’s Zero Day Initiative to report these vulnerabilities to NCCIC. Successful exploitation of these […]